Editor’s note: My first encounter with the City of Minneapolis / Unisys relationship was in 2004, when I interviewed them for an article describing why they had received an Outsourcing Excellence Award. I’ve followed them through the years, observing how they often are first movers in collaborating on the effective use of technology. Developing policies around BYOD, security and managing a mobile environment in a company or government agency is an area where many organizations struggle today. In this interview, Otto Doll, CIO for the City of Minneapolis, describes the decision-making process they went through to accommodate iPads in their environment.
SandHill.com: Unisys is your managed services provider for nearly all of the city’s IT. When did you begin talking with Unisys about bringing iPads into the mobile environment and what led up to it?
Otto Doll: We started talking to them about it last year. We began seeing people bringing their iPads to work, which is the same phenomenon that we saw earlier with smartphones. We wanted to get in front of what we consider to be an inevitable trend — of employees wanting the same consumer-oriented technologies at work as they have in their personal lives — and create a framework for supporting iPads.
We also wanted to establish a mechanism whereby people could not only use iPads but they could either get a city-issued iPad or use their own.
Non-iPad tablet technology (using pens rather than fingertips) has actually been in the city for a while. Our assessors use Motion Computing slate tablets when they’re in the field when they’re doing assessments. And our sidewalk inspectors, construction code inspectors and environmental management use them.
SandHill.com: Why did you need to create a separate policy for iPads than what you had in place for smartphones or even for the non-iPad tablets?
Otto Doll: With iPads, users have the ability to store larger amounts of data. That puts us in a position of risk. We can try to block apps or control access, but that puts a constraint on being able to take advantage of the technologies.
And the iPad is a more generic capability than our prior use of tablets — something that possibly would be used across the entire city government rather than just a specific function. So we had to make decisions around securing that environment and create a support framework.
Our contract includes mechanisms whereby Unisys helps with solutioning the deployment of technologies in the future, whatever may arise. The iPad is a good example of a technology that came on the scene for which we needed a solution for bringing this competitive advantage into our corporate infrastructure. When we look at a challenge or an opportunity, we go to Unisys to seek a solution and help us make heads or tails out of what is currently going on in the industry. Then, along with our own resources, we mutually come up with a good solution.
SandHill.com: How long did it take you to work through the decisions and deploy your solution?
Otto Doll: The real challenge for CIOs, whether public or private, is that in reality these devices were not made for corporate America; they were made for the consumer marketplace. Now they’re working their way into corporate America and we have to absorb consumer-based technology such as iPads and smartphones into a corporate infrastructure and then protect and lock up the devices. We’ve got to deal with security concerns.
We had to set up the capability to wipe a device, set up a policy structure around that and get employees to sign off on this higher level of security requirements. We also had to work through the purchase and/or set-up of existing and new employees who bring their own devices in.
There was a whole series of things that had to be accomplished, which we worked through in 2011. We ultimately launched the program January 1, 2012.
SandHill.com: How did you set policies on wiping devices, privacy, etc.? That’s something that a lot of corporations are really struggling with.
Otto Doll: From our standpoint, we take the approach that employees are already bound by some requirements to abide by various rules and regulations that exist in the city, state, and federal laws relative to the information that they may have or be granted access to. There are specific requirements of HIPAA and CII and MPI, and a slew of other things that we have to be concerned with.
Because of that, when our employees accessed Web mail from their home PCs prior to having this policy, they were already under an understanding of what their responsibilities were for protecting and securing city information and seeing that it wasn’t abused, lost, etc. We followed that orientation with the iPad policies.
In each case, we require people to sign a policy statement that lays out their responsibilities so that they recognize we have the ability to wipe the device and we have the ability to, and will, set a stronger level of security on the device. They have to use a much stronger password than what an iPad would normally allow you to get away with.
We take precautions through security mechanisms the best that we can. But ultimately we have to put trust in our employees that they will abide by the sets of rules and regulations by which the city operates. So we go forward with that orientation. And so far it’s worked out.
SandHill.com: Is there a risk of the city information on employee-owned devices being backed up to the cloud?
Otto Doll: No. The data originates within the city network at a data center that Unisys runs. Just like we do for desktops and laptops, we ask people not to put data on their devices.
Understanding how iPads work and how applications work, there are times when things literally get copied to the device, it gets worked on, and then the person transfers that back to the city’s network and data center, etc. That’s part of the challenge with these types of technologies; they use devices in different ways than laptops and desktops.
SandHill.com: You implemented a model where employees have a choice between using their own devices or city-owned devices. Does the city support the personally owned devices?
Otto Doll: Employees have two options. One is a basic service that allows people to establish a connection with the city’s world primarily where they get to their email, calendar, tasks and that kind of thing. There’s also a premier service that allows them to access their data and their application sets and also provides a set of apps that we placed in the Minneapolis App Store, which Unisys hosts in its data center.
The department managers have final say as to whether or not somebody in their department gets a city-owned iPad, just like any other technology issued by the city. It’s ultimately the department’s money.
If somebody brings their own device in, we do some up-front problem determination. But ultimately it’s the responsibility of the employee to get the device fixed. Our IT organization fully supports city-issued iPads like we would with any laptop, desktop or other technology.
So that’s an added cost. I hope, and I actually do expect, that someday we’re going to get the sort of capability in a tablet form factor that’s truly going to allow our workforce to exist only with that form factor and not require additional desktops and laptops for their work. The industry is not there yet. But I expect one day we will get there.
SandHill.com: Were there any unexpected benefits that the city has realized because of this initiative?
Otto Doll: One of the subtle things that we started seeing is a change in how people collaborate, communicate and network together when they have computing with them at all times.
The meetings of old were always a bunch of people in a room and, if somebody didn’t have knowledge of whatever was being discussed or the answer to some question asked or some fact that was needed, it was the classical “I’ll get back to you on that.” But when people have technology readily available on their person, where they can do things like get to information that’s back at their desk or information in the systems, and access to the Internet to look things up, you start seeing a better interaction among folks.
With the iPad, more and more people show up with technology in tow because the form factor makes people willing to carry it around versus carrying a laptop around.
SandHill.com: What is your top advice for CIOs who haven’t yet put their foot in the water for the mobile environment? What is starting point for making decisions around going mobile?
Otto Doll: First of all, I think you really have to understand how far you are willing to go on the risks with these types of devices. They were not meant for the corporate paradigm. If you’re not willing to trust your employees to a greater degree — which you have to do with mobile devices — then there’s no need to go there now.
But as your workforce changes and gets injected with newer generations of people who grew up with consumer-based technology and want to make use of it when they move into the workforce, your hand ultimately will be forced.
SandHill.com: How important was the trusted advisor aspect of the relationship with Unisys in giving you the confidence of moving forward to the mobile environment?
Otto Doll: There is such a complex web of things that you have to consider when absorbing mobile technologies into a corporate infrastructure, so it was important for us to go to Unisys.
At the city, I have a staff of 57 really good people running the IT for a $1.3 billion entity. But there are a lot of technologies involved in running a city. And there are a multitude of areas that have to be considered just in implementing something as seemingly simple as an iPad.
With Unisys, I don’t have to maintain a mobility expert or have one of my people take on even more technology responsibility and understanding. We have access to a pool of expertise at Unisys, people whose day-in and day-out job is to keep up with the technologies and understand its use and determine best practices, etc. We rely on them to help us understand all the nuances of the things that we have to make decisions about.
Otto Doll is CIO for the City of Minneapolis. Formerly he was South Dakota’s CIO for 15 years. Earlier as a senior research analyst, he advised Fortune 1000, federal, state and local government CIOs on IT assessment and alignment to business needs. He served as a director with the U.S. General Services Administration, developing IT strategic plans and oversight policy. He is a past president of NASCIO, a national organization of state CIOs.
Kathleen Goolsby is managing editor at SandHill.com.